Posts Tagged ‘identity theft’
Tuesday, February 24th, 2009
Here’s an interesting progression in how to address the growing data breaches that occur largely from ignored, overlooked, and/or inadequate security practices…
(more…)
Tags:awareness and training, encryption, identity theft, Information Security, IT compliance, IT training, laptop theft, policies and procedures, privacy training, risk management, security training, Starbucks, stolen laptop
Posted in Information Security, Lost & Stolen Laptops, Privacy and Compliance, Privacy Incidents | No Comments »
Friday, January 16th, 2009
If you are a business leader you must know and understand that encrypting personally identifiable information (PII) protects that PII from being used for identity theft and other crimes should it fall into the hands of a crook. Business leaders need to know this, but unfortunately too many do not really know what encryption is, let alone how it can be used to protect PII, along with the business.
(more…)
Tags:awareness and training, encrypt, encryption, identity theft, Information Security, IT compliance, IT training, personally identifiable information, PII, policies and procedures, privacy training, risk management, security training
Posted in Information Security, Laws & Regulations, Privacy and Compliance | No Comments »
Wednesday, December 17th, 2008
Today the U.S. Federal Trade Commission (FTC) released a new report about social security numbers (SSNs), identity theft, and recommended 5 ways to help prevend having SSNs being used for identity theft…
(more…)
Tags:awareness and training, FTC, identity theft, Information Security, IT compliance, IT training, policies and procedures, privacy, privacy training, risk management, security training, social security number, SSN
Posted in Information Security, Laws & Regulations, Privacy and Compliance | No Comments »
Friday, November 7th, 2008
Just last month I blogged about the new Identity Theft Enforcement and Restitution Act of 2008. It covers extortion. I’m interested to see if it gets used for the latest extortion attempt…
(more…)
Tags:awareness and training, cybercrime, Express Scripts, extortion, identity theft, Information Security, IT compliance, IT training, personally identifiable information, PII, policies and procedures, privacy training, risk management, security training
Posted in identity theft, Privacy Incidents | No Comments »
Tuesday, October 28th, 2008
Here’s a story that points to how vulnerable people are to identity theft and other types of crimes and frauds from slimy family…and ex-family…members…
(more…)
Tags:awareness and training, identity theft, Information Security, insider threat, IT compliance, IT training, policies and procedures, privacy training, protecting information, risk management, security training
Posted in identity theft | No Comments »
Friday, October 17th, 2008
If you must comply with the Red Flags Rule, which is a rule that falls under the umbrella of the Fair and Accurate Credit Transactions Act (FACTA), which most organizations in the U.S. who process payments from their customers must comply with, for which compliance is required by November 1 of this year, then you should review the recently released guidance documents that will be used by the government oversight examiners…
(more…)
Tags:awareness and training, FDIC, federal reserve, identity theft, Information Security, IT compliance, IT training, policies and procedures, privacy law, privacy training, Red Flags rule, risk management, security training
Posted in Laws & Regulations, Privacy and Compliance | No Comments »
Sunday, October 12th, 2008
I just read about a new law signed at the end of September, 2008, by U.S. President Bush, H.R. 5983; the “Identity Theft Enforcement and Restitution Act of 2008” which is under Title II.
(more…)
Tags:awareness and training, cybercrime, identity theft, Information Security, IT compliance, IT training, law, policies and procedures, privacy training, risk management, security training
Posted in Laws & Regulations | 2 Comments »
Monday, August 25th, 2008
Yesterday I read about the 7th criminal conviction and sentencing that has been given under HIPAA, “Woman gets 14 months in ID theft case.”
(more…)
Tags:awareness and training, Health Insurance Portability and Accountability Act, HIPAA, identity fraud, identity theft, Information Security, insider threat, IT compliance, IT training, Jay Meckenstock, Leslie A. Howell, Nicole Lanae Stevenson, policies and procedures, privacy training, risk management, security training
Posted in identity theft, Laws & Regulations, Non-compliance Sanctions Examples, Privacy and Compliance, Privacy Incidents | No Comments »
Sunday, March 2nd, 2008
Tags:awareness and training, HHS, HIPAA, identity theft, Information Security, IT compliance, Leslie Howell, patient privacy, personally identifiable information, PII, policies and procedures, privacy breach, risk management, security awareness, security training
Posted in Non-compliance Sanctions Examples | No Comments »
Monday, February 18th, 2008
It shouldn’t still amaze me, but it does, how often so many organizations just dump huge amounts of printed paper containing tons of personally identifiable information (PII) right into their dumpster sitting behind their building, in the alley, or some other easily reachable public location.
Here’s yet another example of a business throwing away people’s privacy in their trash dumpster…
(more…)
Tags:awareness and training, consumer fraud, data disposal, disposal rule, dumpster diving, FTC, identity theft, Information Security, IT compliance, personal information breach, policies and procedures, privacy breach, risk management, security awareness, security training
Posted in identity theft, Information Security, Privacy and Compliance, Privacy Incidents | No Comments »
